// 鉴权
export default defineEventHandler(async (event) => {
  // 白名单路由不需要鉴权
  const API_WHITE_LIST = process.env.API_WHITE_LIST?.split(',') || []
  if (API_WHITE_LIST.some(route => event.path?.startsWith(route))) {
    return
  }
  try {
    // 验证 Token 并获取用户信息
    const accessToken = getTokenFromHeader(event)
    const payload = verifyAccessToken(accessToken)
    // 将用户信息存储到上下文中
    event.context.user = payload
  } catch (error) {
    console.error('auth error', error);
    return catchErrorResponse(error)
  }
})